OTL logfile created on: 8/1/2013 8:47:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Eve\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 73.04% Memory free
13.74 Gb Paging File | 12.82 Gb Available in Paging File | 93.30% Paging File free
Paging file location(s): c:\pagefile.sys 6141 9000y:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117.19 Gb Total Space | 63.07 Gb Free Space | 53.82% Space Free | Partition Type: NTFS
Drive D: | 214.85 Gb Total Space | 14.24 Gb Free Space | 6.63% Space Free | Partition Type: NTFS
Drive X: | 18.03 Gb Total Space | 16.93 Gb Free Space | 93.90% Space Free | Partition Type: NTFS
Drive Y: | 7.91 Gb Total Space | 3.88 Gb Free Space | 48.99% Space Free | Partition Type: NTFS
Drive Z: | 23.93 Gb Total Space | 15.92 Gb Free Space | 66.52% Space Free | Partition Type: FAT32
Computer Name: PHOTO1 | User Name: Eve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/08/01 20:46:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eve\desktop\OTL.exe
PRC - [2013/08/01 20:18:08 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
PRC - [2013/06/27 13:01:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/04/18 20:38:38 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/01/31 07:26:23 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011/02/14 09:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
PRC - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/07/30 18:23:44 | 000,181,312 | ---- | M] () -- C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
PRC - [2008/06/19 14:22:08 | 000,868,352 | ---- | M] () -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
PRC - [2007/10/22 16:31:14 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\GEEK SQUAD UPS\pppeuser.exe
PRC - [2004/03/04 02:05:26 | 000,131,177 | ---- | M] () -- C:\Program Files (x86)\CardReader2.0\OTiReader.exe
PRC - [2004/02/26 06:46:48 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\CardReader2.0\CRBroadCasting.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013/08/01 11:33:46 | 002,089,984 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13080101\algo.dll
MOD - [2013/07/21 11:02:15 | 016,166,280 | ---- | M] () -- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/06/27 13:01:06 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madbasic_.bpl
MOD - [2013/01/15 18:47:50 | 000,517,440 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
MOD - [2013/01/02 13:41:00 | 001,278,976 | ---- | M] () -- C:\WINDOWS\SysWOW64\quartz.dll
MOD - [2011/02/14 09:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
MOD - [2008/07/30 18:23:44 | 000,181,312 | ---- | M] () -- C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
MOD - [2008/06/19 14:22:08 | 000,868,352 | ---- | M] () -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
MOD - [2007/10/22 16:31:14 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\GEEK SQUAD UPS\pppeuser.exe
MOD - [2004/03/04 02:05:26 | 000,131,177 | ---- | M] () -- C:\Program Files (x86)\CardReader2.0\OTiReader.exe
MOD - [2004/02/26 06:46:48 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\CardReader2.0\CRBroadCasting.exe
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/08/01 20:18:08 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files (x86)\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013/07/21 11:02:15 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/06/27 13:01:07 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice) SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6) SRV - [2013/01/31 07:26:23 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2010/08/18 02:31:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler) SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2008/07/30 18:23:44 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess) SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) 
[On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/06/19 14:22:08 | 000,868,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe -- (ppped) SRV - [2007/10/14 21:15:16 | 000,963,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2007/02/17 00:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc) SRV - [2006/10/18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2004/03/04 02:05:26 | 000,131,177 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CardReader2.0\OTiReader.exe -- (OTi Card Reader Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2005/06/01 03:55:06 | 000,039,424 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\GVCplDrv64.sys -- (GVCPLDrv64) DRV - [2005/03/31 13:33:50 | 000,014,848 | ---- | M] (ABIT) [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\Drivers\uGuru.sys -- (UGURU) DRV - [2005/03/25 08:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd) DRV - [2005/03/25 08:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock) DRV - [2005/02/03 01:50:28 | 000,004,224 | ---- | M] () [File_System | System | Unknown] -- C:\WINDOWS\SysWow64\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:[b]64bit:[/b] - 
HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.prolabexpress.com/ IE - HKCU\..\SearchScopes,DefaultScope = Yahoo! IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=iobit-trans IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.prolabexpress.com/" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle 
Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Eve\Application Data\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/14 12:27:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/27 13:00:49 | 000,000,000 | ---D | M] [2008/12/09 23:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eve\Application Data\Mozilla\Extensions [2013/06/29 12:05:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eve\Application Data\Mozilla\Firefox\Profiles\t225qmc8.default\extensions [2010/04/28 07:47:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Eve\Application Data\Mozilla\Firefox\Profiles\t225qmc8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013/06/29 12:05:15 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Eve\Application Data\Mozilla\Firefox\Profiles\t225qmc8.default\extensions\ascsurfingprotection@iobit.com [2013/06/27 13:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/06/27 13:01:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF [2013/05/14 12:27:08 | 000,000,000 | ---D | M] (avast! 
Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF Hosts file not found O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found O3:[b]64bit:[/b] - HKCU\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup File not found O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login File not found O4:[b]64bit:[/b] - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4:[b]64bit:[/b] - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.) 
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CRBroadCasting] C:\Program Files (x86)\CardReader2.0\CRBroadCasting.exe () O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe () O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit) O4 - HKCU..\Run: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\GEEK SQUAD UPS\pppeuser.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files (x86)\Opanda\IExif 2.26\IExifMap.htm () O8:[b]64bit:[/b] - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files (x86)\Opanda\IExif 2.26\IExifCom.htm () O8 - Extra context menu item: E&xport to 
Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Locate Spot on Map by GPS - C:\Program Files (x86)\Opanda\IExif 2.26\IExifMap.htm () O8 - Extra context menu item: View Exif/GPS/IPTC with IExif - C:\Program Files (x86)\Opanda\IExif 2.26\IExifCom.htm () O9:[b]64bit:[/b] - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found O16:[b]64bit:[/b] - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} 
http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x64/client/wuweb_site.cab?1342913664578 (WUWebControl Class) O16:[b]64bit:[/b] - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Reg Error: Key error.) O16:[b]64bit:[/b] - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup162.cab (Reg Error: Key error.) O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1152736626415 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342913712843 (MUWebControl Class) O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://www.prolabexpress.com/ImageUploader4.cab (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://www.prolabexpress.com/ImageUploader3.cab (Aurigma Image Uploader 3.5 Control) O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab (FujifilmUploader Class) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Value error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} Reg Error: Value error. (Photodex Presenter AX control) O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://www.prolabexpress.com/XUpload.ocx (Persits Software XUpload) O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://www.prolabexpress.com/ImageUploader4.cab (Image Uploader Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E57CDF3E-9E36-4E24-B755-288E09B49330}: DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62 O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - 
Protocol\Handler\http\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\https\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found 
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found O18:[b]64bit:[/b] - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found O18:[b]64bit:[/b] - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - 
(C:\WINDOWS\system32\userinit.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: System - (lsass.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found O20 - Winlogon\Notify\termsrv: DllName - (Reg Error: Value error.) - Reg Error: Value error. 
File not found O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found O21:[b]64bit:[/b] - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found O21:[b]64bit:[/b] - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found O21:[b]64bit:[/b] - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found O21:[b]64bit:[/b] - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found O22:[b]64bit:[/b] - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found O22:[b]64bit:[/b] - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found O24 - Desktop WallPaper: C:\Documents and Settings\Eve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/07/11 22:50:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/06 22:31:45 | 000,321,315 | ---- | M] () - D:\autoviewer.zip -- [ NTFS ] O33 - MountPoints2\{c4887888-5b2e-11e2-9116-00508d91224f}\Shell - "" = AutoRun O33 - MountPoints2\{c4887888-5b2e-11e2-9116-00508d91224f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c4887888-5b2e-11e2-9116-00508d91224f}\Shell\AutoRun\command - "" = G:\ToolLauncher-Bootstrap.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: 
(lsdelete)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/08/01 20:46:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eve\Desktop\OTL.exe
[2013/08/01 20:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/08/01 17:26:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Eve\Recent
[11 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/08/01 20:46:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eve\Desktop\OTL.exe
[2013/08/01 20:35:01 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast!
Emergency Update.job
[2013/08/01 20:34:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/01 20:28:38 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2013/08/01 20:27:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/01 07:13:48 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\Eve\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2013/07/30 02:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PHOTO1-Eve.job
[2013/07/26 21:22:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2013/07/25 08:13:17 | 000,002,243 | ---- | M] () -- C:\Documents and Settings\Eve\Desktop\SmartFTP Client.lnk
[2013/07/19 19:27:38 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Eve\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart Defrag 2.lnk
[2013/07/19 19:27:38 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Smart Defrag 2.lnk
[2013/07/19 13:13:06 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Eve\Application Data\Adobe BMP Format CS5 Prefs
[2013/07/14 23:25:34 | 000,073,438 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/07/12 17:50:50 | 000,063,364 | -H-- | M] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2013/07/09 11:20:22 | 001,520,069 | ---- | M] () -- D:\Eve's Documents\13_brochure.jpg
[11 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/07/19 13:13:06 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Eve\Application Data\Adobe BMP Format CS5 Prefs
[2013/07/09 11:20:22 | 001,520,069 | ---- | C] () -- D:\Eve's Documents\13_brochure.jpg
[2013/04/08 10:02:21 | 000,517,397 | ---- | C] () -- C:\Documents and Settings\Eve\Local Settings\Application Data\census.cache
[2013/04/08 10:02:16 | 000,163,396 | ---- | C] () -- C:\Documents and
Settings\Eve\Local Settings\Application Data\ars.cache
[2013/04/08 09:53:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Eve\Local Settings\Application Data\housecall.guid.cache
[2012/10/31 12:39:52 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Eve\Application Data\Adobe PNG Format CS5 Prefs
[2012/10/28 14:05:55 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Eve\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/09/28 11:17:55 | 000,063,364 | -H-- | C] () -- C:\WINDOWS\SysWow64\mlfcache.dat
[2011/09/15 22:54:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2011/07/29 14:15:47 | 000,060,864 | ---- | C] () -- C:\Documents and Settings\Eve\g2mdlhlpx.exe
[2007/08/01 08:44:57 | 000,013,698 | ---- | C] () -- C:\Documents and Settings\All Users\Adobe Bridge Cache.bc
[2007/08/01 08:44:57 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\All Users\Adobe Bridge Cache.bct
[2007/01/20 11:57:56 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Eve\Local Settings\Application Data\fusioncache.dat
[2006/11/16 13:11:13 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\Eve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/07/12 16:59:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2007/02/18 11:05:50 | 001,508,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2009/03/19 19:51:22 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2009/07/27 21:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOP
[2013/03/07 14:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/02/07 09:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2013/04/10 11:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/03/26 11:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/01/26 20:52:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0D3D582F-8048-4465-9120-DB95415F91AD}
[2012/01/27 16:30:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{170C1966-15F2-48B8-AB1A-1EAAD775C8BE}
[2012/02/14 10:59:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application
Data\{33BC0E96-6441-46C9-9F09-529996C10736}
[2012/01/27 22:24:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
[2012/01/27 16:58:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
[2012/02/14 10:59:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
[2012/01/27 16:57:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
[2012/02/14 10:55:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
[2013/01/07 18:09:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7E8842F4-ECF1-457B-9B22-AA8299B810D9}
[2012/02/14 10:55:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
[2011/11/15 17:55:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ABC7326D-27C4-4601-8B2C-50AABC4C287C}
[2011/11/15 17:54:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AE93E0EC-AB92-4D27-9DA8-1BCEE7181244}
[2012/01/19 16:08:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2012/01/19 16:08:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2013/03/12 10:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013/01/07 18:09:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D9F9C87D-6338-4977-AD5C-EE6EE6F6B6EC}
[2012/01/26 20:53:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application
Data\{DC0B0438-80C4-417C-BC8B-CBC176DB6E18}
[2012/01/27 16:29:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E314972B-E8D6-465D-AE74-6CC08535701F}
[2012/01/27 16:28:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
[2012/01/27 16:30:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EE095810-EED4-4DA0-94B4-24E9E1294094}
[2012/01/27 22:24:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{F7D319B6-E312-49A7-AA67-4737E676DD03}
[2010/06/08 13:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Aleo Software
[2010/03/22 13:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Amazon
[2012/10/04 12:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Anthropics
[2012/03/26 12:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/10 13:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2006/07/15 16:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\DeepBurner Pro
[2008/09/06 14:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\ExpressDigital
[2012/02/10 13:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Facebook
[2010/05/04 16:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\FlashPaletteEditor13Gavin.3C7B62C82486DACC1A3C3C969AC37A107CDB7879.1
[2013/04/04 19:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Glarysoft
[2009/06/17 20:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Imagenomic
[2013/04/10 12:49:05 | 000,000,000 | ---D | M] --
C:\Documents and Settings\Eve\Application Data\IObit
[2006/07/24 11:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Netscape
[2006/07/16 10:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Nikon
[2006/08/03 09:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Opera
[2008/07/30 18:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Photodex
[2006/10/27 15:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\Snapfish
[2012/02/10 14:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/09/28 11:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eve\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[color=#E56717]========== Purity Check ==========[/color]

< End of report >